Domain user accounts on our network can log in in ~2 seconds when they are not a member of any security groups.
However, this logon time increases to ~35 seconds when the are a member of any security groups, with the following message displaying while logging in:
There is only 1 PC at this remote site (XP Professional), connecting to an SBS 2003 server over a LogMeIn Hamachi VPN link.
Once logged in, everything works as it should in terms of access to server resources and Active Directory integration.
DNS settings appears to be correct- at least as far as I can see:
I'm assuming this is related to drive mapping- but can't quite figure out why it's happening (only a problem at remote site, not the main office) or how to give these users access to certain resources without adding over half a minute to their logon time.
Does anyone have any ideas what might be going on here?
Best Answer
A good place to start would be to use the Resulatant Set of Policy wizard in the Group Policy management console. This will show you which Group Policies are being applied to the user. Run it with the user both in and out of the groups. This will show you which policies are being applied. Focus on the differences.
If that doesn't yield anything, investigate any login scripts running because of Group Policy. There may be conditional drive mappings based on group membership. If you can't pin down the source just by looking at the script, try running each line manually to see which one takes so long.